Content management method, recording and/or reproducing apparatus, and recording medium

ABSTRACT

In a content management method, content data is encrypted by a first key, the first key is encrypted by plural types of second keys, the encrypted first key is multiply encrypted by a third key, and the third key is encrypted by a fourth key. The encrypted content data, a medium key which is the first key encrypted by the second key, and a move key which is the first key multiply encoded by the second and third keys are recorded in a recording medium, and the third key encrypted by the fourth key is recorded in a security region. Management under this method is carried out by means of the move key and the medium key.

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application is based upon and claims the benefit of priority from the prior Japanese Patent Application No. 2002-348925, filed Nov. 29, 2002, the entire contents of which are incorporated herein by reference.

BACKGROUND OF THE INVENTION

[0002] 1. Field of the Invention

[0003] The present invention relates to a content management method for managing content data and a recording and/or reproducing apparatus using the management method; and a recording medium having content data or the like recorded therein by the apparatus. More particularly, the present invention relates to a content management method, a recording and/or reproducing apparatus which enable predetermined movement of content data while preventing unlimited illegal copy; and a recording medium for the method and apparatus.

[0004] 2. Description of the Related Art

[0005] Conventionally, as a medium for recording digitized information (such as a document, a voice, an image, or a program, for example), a compact disk or a laser disk is used for a medium for recording a voice or an image. In addition, a floppy disk or a hard disk is used for a medium for recording a program or data in a computer or the like. In addition to these recording mediums, a DVD (Digital Versatile Disk) which is a large capacity recording medium is developed.

[0006] In a variety of such digital recording mediums, digital data (including compressed or encoded data which can be decoded) is recorded intact during recording. Thus, recorded data can be copied from one medium to another medium easily and without loss of sound or image quality, for example. Therefore, in these digital recording mediums, there is a problem that a large number of copies can be produced, causing infringement of copyrights.

[0007] Concurrently, as a content encryption and/or decryption method of the conventional technique, a copyright protection system called CSS (Content Scramble System) is introduced for a DVD-video disk used exclusively for reproduction in order to prevent illegal copy of contents.

[0008] In the above described conventional apparatus, however, movement of contents is carried out while illegal copy is prevented and copyrights are protected, and at the same time, reproduction of contents cannot be carried out by a conventional reproducing apparatus which is a general-purpose machine. That is, there is a problem that the user's convenience of having content data moved properly while reproduction by the conventional apparatus is still carried out cannot be ensured.

BRIEF SUMMARY OF THE INVENTION

[0009] According to one embodiment of the present invention, there is provided a content management method, comprising: encrypting content data by a first key (TK); encrypting the first key by predetermined plural types of second keys (MUK); multiply encrypting the encrypted first key (Enc-TK) by a third key (MM); encrypting the third key by a predetermined fourth key (MMK); recording in a recording medium content data (Enc-Contents) encrypted by the first key, the first key (Enc-TK) encrypted by the predetermined plural types of second keys, and the first key (Enc2-TK) obtained by multiply encrypting the encrypted first key (Enc-TK) by the third key (MM), and recording the third key (Enc-MM) encrypted by the fourth key in a security region of the recording medium.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING

[0010] FIG. 1 is a block diagram depicting an example of encryption by a content management method according to an embodiment of the present invention;

[0011] FIG. 2 is a block diagram depicting an example of decryption by a general method for contents encrypted by the content management method according to an embodiment of the present invention;

[0012] FIG. 3 is a block diagram depicting an example of decryption by a method according to an embodiment of the present invention for the contents encrypted by the content management method according to an embodiment of the present invention;

[0013] FIG. 4 is a view showing an example of a recording medium having recorded therein the contents encrypted by the content management method according to an embodiment of the present invention;

[0014] FIG. 5 is an illustrative view illustrating an example of move of a move key (Move-Key: Enc2-TK) and a medium key (MB-Key: Enc-TK) by the content management method according to an embodiment of the present invention;

[0015] FIG. 6 is a block diagram depicting an example of a structure of a recording and/or reproducing apparatus to which the content management method according to an embodiment of the present invention is applied;

[0016] FIG. 7 is a block diagram illustrating a detailed example of an encrypting scheme in the case where the content management method according to an embodiment of the present invention is applied to the recording and/or reproducing apparatus;

[0017] FIG. 8 is a block diagram illustrating a detailed example of a decrypting scheme in the case where the content management method according to an embodiment of the present invention is applied to the recording and/or reproducing apparatus;

[0018] FIG. 9 is a flow chart showing an operation for recording in a recording medium D1 the contents and key information encrypted by the content management method according to an embodiment of the present invention;

[0019] FIG. 10 is a flow chart showing an operation in the case where contents are moved from a recording medium D2 having recorded therein the contents encrypted by the content management method according to an embodiment of the present invention to another recording medium D2;

[0020] FIG. 11 is a flow chart showing an operation in the case where contents are moved from the recording medium D2 having recorded therein the contents encrypted by the content management method according to an embodiment of the present invention to another recording medium D3;

[0021] FIG. 12 is a flow chart showing an operation in the case where movement of contents is carried out with channel down from the recording medium D2 having recorded therein the contents encrypted by the content management method according to an embodiment of the present invention to such another recording medium D3;

[0022] FIG. 13 is a view showing a scheme for generating a security key (MM) in the content management method according to an embodiment of the present invention;

[0023] FIG. 14 is a view showing an example of a storage region for a move key (Move-Key: Enc2-TK) and a medium key (MB-Key: Enc-TK) in a recording medium in the content management method according to an embodiment of the present invention; and

[0024] FIG. 15 is a view showing an example of a table for a move key (Move-Key: Enc2-TK) and a medium key (MB-Key: Enc-TK) in a recording medium in the content management method according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

[0025] Hereinafter, a content management method, a recording and/or reproducing apparatus, and a recording medium according to the present invention will be described in detail with reference to the accompanying drawings. FIG. 1 is a block diagram depicting an example of encrypting by a content management method according to the present invention. FIG. 2 and FIG. 3 are block diagrams each showing an example of decrypting by a general method for the encrypted contents. FIG. 4 shows an example of a recording medium having recorded therein the encrypted contents. FIG. 5 is an illustrative view illustrating an example of move of a move key (Move-Key: Enc2-TK) and a medium key (MB-Key: Enc-TK) by the content management method according to the present invention.

General Description of Content Management Method According to the Present Invention

[0026] Now, a general description of the content management method according to the present invention will be given with reference to the accompanying drawings. First, an encrypting and/or decrypting scheme will be described below. The content management method according to the present invention is featured in that there are recorded in a recording medium: a move key (Move-Key: Enc2-TK) which assures movement of content data; and a medium key (MB-Key: Enc-TK) which assures reproduction by a reproducing apparatus, together with encrypted content data.

[0027] (Encrypting)

[0028] A scheme for encrypting and/or recording content data in the content management method according to the present invention can be described by working of an AV encoder module M1 and working of a drive V1. In the AV encoder module M1 of FIG. 1, a visual (V) or audio (A) signal is encoded in a DVD format by means of an encoder 12, and the encoded signal is selected together with digital data 11 by means of a selector 13. Then, the selected signal is subjected to scramble (encryption) processing in a scramble circuit 14 by means of a title key (TK), and the processed signal is recorded as (Enc-Contents) in a disk D.

[0029] At this time, the title key (TK) is generated by means of a random number generator 18. The decrypted key TK is decrypted in a decoder circuit 20 by means of a decryption key (MUK), and the decrypted title key (Enc-TK) is generated. Here, the encrypted key (MUK) having the encrypted title key (TK) is obtained as follows. By means of an MKB processor 17, a device key K1 (DvK1) 16 is MKB-processed by using (MKB) data read out from a recording medium to generate a medium key (MMK), and further, the resultant key is generated after MID-processed by means of a MID processor 19.

[0030] Further, an encryption title key (Enc-TK) is multiply encrypted by means of a security key (MM), and a multiply encryption title key (Enc2-TK) is generated, and then, supplied to a selector 27 as with an encryption title key (Enc-TK).

[0031] Here, the security key (MM) is supplied by means of a random number generator 24. A device key (DvK2) specific to a drive V1 is subjected to MKB processing by means of an MKB processor 23 according to a given MKB from a recording medium. This security key (MM) is encrypted by means of the obtained encryption key (MMK), and an encrypted encryption key (Enc-MM) is obtained.

[0032] The thus obtained encrypted content data (Enc-Contents); a title key (Enc-TK) (=medium key (MB-Key)) encrypted by an encryption key (MUK); and a title key (Enc2-TK) (=move key (Move-Key)) multiply encoded by the second and third keys are each recorded in recording regions of an optical disk D. Further, the previously encrypted third key (Enc-MM) is recorded in a security region of the optical disk D. An example of recording these signals into the optical disk D is shown in FIG. 4.

[0033] That is, both of the move key (Move-Key; Enc2-TK) and the medium key (MB-Key; Enc-TK) (one of them after movement of contents) are recorded into the optical disk D via a selector 27 according to a control signal from an R-Control 15 which is a recording processing control portion.

[0034] Here, in order to achieve reproduction and exchange of information recorded in an optical disk recording medium by another reproducing apparatus, identical key information (MK) is generated with a plurality of device keys (Dvk). Further, medium binding is carried out by medium specific information (M-ID), thereby preventing full copy into another medium.

[0035] As described later in detail, when contents are copied or moved, two encryption keys, i.e., the move key (Move-Key; Enc2-TK) and the medium key (MB-Key; Enc-TK) are selectively recorded in the optical disk D, thereby enabling reproduction by a general-purpose machine under a predetermined condition or processing for moving restrictive content data.

[0036] (Two Reproducing Schemes)

[0037] With respect to an optical disk D having recorded therein the content data thus encrypted as shown in FIG. 4 and the encrypted key information, as shown below, an optical disk D having at least a medium key (MB-Key; Enc-TK) recorded therein can be reproduced by means of a conventional general-purpose optical disk reproducing apparatus. Further, an optical disk D having only the move key (Move-Key; Enc2-TK) recorded therein is reproduced by means of only the optical disk reproducing apparatus in which the content management method according to the present invention is carried out.

[0038] That is, FIG. 2 is a view showing a decrypting process carried out by using only the medium key (MB-Key; Enc-TK) according to the present invention with a reproducing apparatus which is a conventional general-purpose machine. In this figure, in an optical disk D having at least a medium key (MB-Key; Enc-TK) recorded therein, the medium key block information (MKB) and medium specific information (M-ID) recorded in advance in a medium; and a medium key (MB-Key; Enc-TK) are supplied to an AV decoder module M2 via a bus authentication 21. Further, encrypted content data (Enc-Contents) are supplied to an AV decoder module M2.

[0039] The encrypted content data (Enc-Contents) are processed to be de-scrambled (decryption) by means of a title key (TK) in a de-scrambler 29, and the resultant data is reproduced after supplied to an AV decoder 30. Here, the title key (TK) is obtained by an encryption title key (Enc-TK) being read out from the disk D, sent to a decrypting portion 28, and decrypted by an encryption key (MUK). In addition, as with the recording side, the encryption key (MUK) is acquired by means of the MKB processor 17 and MID processor 19 based on medium key block information (MKB) and medium specific information (M-ID).

[0040] In this manner, even in the conventional optical disk reproducing apparatus or the like which does not carry out processing by the content data management method according to the present invention, the content data contained in the optical disk D having the medium key (MB-Key; Enc-TK) recorded therein can be reproduced.

[0041] On the other hand, as shown in FIG. 3, in an optical disk D in which only the move key (Move-Key; Enc2-TK) is assigned, processing by the content data management method according to the present invention is carried out, thereby enabling reproduction.

[0042] That is, a drive V1 to which medium key block information (MKB), an encryption title key (Enc-MM), a multiply encryption title key (Enc2-TK), and encrypted contents (Enc-Contents) are assigned from an optical disk unit obtains a security key (MM) by decrypting it by a decrypting portion 31 using a key (MMK) obtained by subjecting it to an MKB process 23 by a device key (DvK2) specific to the drive V1. In this manner, the multiply encryption title key (Enc2-TK) is decrypted into an encryption title key (Enc-TK), and is supplied to a module M2 via the bus authentication 21.

[0043] In the module M2, a device key (DvK) specific to the module M2 is subjected to an MKB process 17 based on the medium key block information (MKB), and the encrypted title (Enc-TK) is decrypted at a decrypting portion 28 by means of the encryption key (MUK) obtained by subjecting it to an MID process 19 based on medium specific information (M-ID), thereby obtaining a title key (TK).

[0044] Using this title key (TK), the encrypted content data (Enc-Contents) is decrypted by means of a de-scramble portion 29, whereby the content data can be supplied to an AV decoder 30.

[0045] In this manner, in a disk D in which only the move key (Move-Key; Enc2-TK) is assigned, reproduction or move which will be described later is enabled only by an optical disk recording and/or reproducing apparatus which carries out processing by the content data management method according to the present invention.

(Moving contents by the content management method according to the present invention)

[0046] Now, a general description of a scheme for moving content data by the content data management method according to the present invention will be given by way of example. In FIG. 5, in the content data management method according to the present invention, two types of keys, i.e., a move key (Move-Key; Enc2-TK) and a medium key (MB-Key; Enc-TK) are used, and these keys are recorded in a recording medium as required, whereby restriction on reproduction, copy, or move can be applied. That is, according to the content data management method according to the present invention, there exist three types of recording mediums such as an optical disk: “a medium key (MB-Key) and a move key (Move-Key)”, “only a medium key (MB-Key)”, and “only a move key (Move-Key)”. Here, a description of content data or the like is eliminated, and only the two keys, i.e., the medium key and move key, will be generally described.

[0047] In FIG. 5, with respect to copy limited source contents S, a medium key (MB-Key) and a move key (Move-Key) are assigned to a first disk D1 (recording medium). In this manner, reproduction by a reproducing apparatus according to the present invention as well as a general reproducing apparatus is enabled.

[0048] Next, in the case where the content data in the disk D1 is moved to a new disk D2 by means of the reproducing apparatus according to the present invention, the move key (Move-Key) is deleted from the disk D1, and a disk D1′ having only the medium key (MB-Key) is obtained. Only the move key (Move-Key) is recorded in the new disk D2. In this manner, the disk D1′ can be reproduced by the general reproducing apparatus only. In addition, the disk D2 cannot be reproduced by the general reproducing apparatus. This disk can be reproduced or processed to be moved by only the recording and/or reproducing apparatus according to the present invention.

[0049] Further, in the case where the content data in the disk D2 which serves as such a move key (Move-Key) is moved to a new optical disk D3, the move key (Move-Key) of the optical disk D2 is deleted by means of the reproducing apparatus according to the present invention, and cannot be reproduced again. Only the move key (Move-Key) is recorded in the optical disk D3, and the disk can be reproduced or processed to be moved by only the recording and/or reproducing apparatus according to the present invention.

[0050] Furthermore, in moving the content data from the optical disk D by the recording and/or reproducing apparatus according to the present invention, the target is not limited to the optical disk. A general digital recording medium such as an SD (Secure Digital) is also targeted to be moved. Here, the move key (Move-Key) can be moved from the optical disk D3 to the SD (Secure Digital) card D4. As is the case with moving the optical disk D3 from the previous optical disk D2, the move key (Move-Key) is deleted from the optical disk D3, and cannot be reproduced. Only the move key (Move-Key) is recorded in the SD (Secure Digital) card D4, and the disk can be reproduced or processed to be moved by only the recording and/or reproducing apparatus according to the present invention.
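
The key hierarchy and the move rule of this general description (recording as in FIG. 1, the two reproducing paths of FIG. 2 and FIG. 3, and the move of FIG. 5), as an added Python model that is not part of the patent text. The XOR/SHA-256 stand-in cipher, the dictionary model of MKB processing, the hash used for MID processing, the helper names and all key values are assumptions, since the document does not specify them.

```python
import hashlib
import os
from dataclasses import dataclass, replace
from typing import Optional

# Constructed sample secrets (assumptions, not values from the document).
DVK1 = b"constructed-module-device-key"  # device key of the AV module (DvK1)
DVK2 = b"constructed-drive-device-key"   # device key of the drive (DvK2)
MK = b"constructed-MK"                   # key information recovered from MKB
MMK = b"constructed-MMK"                 # drive-side key recovered from MKB


def crypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 counter keystream (self-inverse)."""
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class Disk:
    m_id: bytes                              # medium specific information M-ID
    mkb: dict                                # medium key block (assumed model)
    enc_contents: bytes = b""                # Enc-Contents
    mb_key: Optional[bytes] = None           # medium key, Enc-TK
    move_key: Optional[bytes] = None         # move key, Enc2-TK
    security_region: Optional[bytes] = None  # Enc-MM


def new_disk(m_id: bytes) -> Disk:
    # Assumed MKB model: one wrapped entry per device class.
    return Disk(m_id, {"module": crypt(DVK1, MK), "drive": crypt(DVK2, MMK)})


def muk(disk: Disk) -> bytes:
    """Module side: MKB process with DvK1, then MID process binds MK to M-ID."""
    return hashlib.sha256(crypt(DVK1, disk.mkb["module"]) + disk.m_id).digest()


def mmk(disk: Disk) -> bytes:
    """Drive side: MKB process with DvK2."""
    return crypt(DVK2, disk.mkb["drive"])


def record_move_key(disk: Disk, enc_tk: bytes) -> None:
    mm = os.urandom(16)                          # security key MM
    disk.move_key = crypt(mm, enc_tk)            # Enc2-TK
    disk.security_region = crypt(mmk(disk), mm)  # Enc-MM


def record(disk: Disk, contents: bytes, movable: bool = True) -> None:
    """Recording: scramble with TK, wrap TK with MUK, optionally add Move-Key."""
    tk = os.urandom(16)                          # title key TK
    disk.enc_contents = crypt(tk, contents)
    disk.mb_key = crypt(muk(disk), tk)           # Enc-TK
    if movable:
        record_move_key(disk, disk.mb_key)


def reproduce_fig2(disk: Disk) -> Optional[bytes]:
    """General-purpose path: works only if the medium key is on the disk."""
    if disk.mb_key is None:
        return None
    return crypt(crypt(muk(disk), disk.mb_key), disk.enc_contents)


def reproduce_fig3(disk: Disk) -> Optional[bytes]:
    """Move-key path: the drive unwraps MM, then Enc2-TK, then the module unwraps TK."""
    if disk.move_key is None or disk.security_region is None:
        return None
    mm = crypt(mmk(disk), disk.security_region)
    enc_tk = crypt(mm, disk.move_key)
    return crypt(crypt(muk(disk), enc_tk), disk.enc_contents)


def move(src: Disk, dst: Disk) -> None:
    """Move: the Move-Key leaves the source before the destination gets its own."""
    contents = reproduce_fig3(src)
    if contents is None:
        raise PermissionError("source holds no Move-Key; content cannot be moved")
    src.move_key = None                          # delete Move-Key from source
    tk2 = os.urandom(16)                         # fresh title key for destination
    dst.enc_contents = crypt(tk2, contents)
    dst.mb_key = None                            # destination gets Move-Key only
    record_move_key(dst, crypt(muk(dst), tk2))


def full_copy(src: Disk, m_id: bytes) -> Disk:
    """Bit-for-bit copy of every recorded field onto a medium with another M-ID."""
    return replace(src, m_id=m_id)


if __name__ == "__main__":
    sample = b"constructed sample AV payload"
    d1, d2 = new_disk(b"MID-0001"), new_disk(b"MID-0002")
    record(d1, sample)
    move(d1, d2)
    print(reproduce_fig2(d1), reproduce_fig3(d1))  # medium key only
    print(reproduce_fig2(d2), reproduce_fig3(d2))  # move key only
```

Because MUK depends on M-ID, `full_copy` yields a disk whose keys unwrap to the wrong TK, which is the medium binding described in [0034].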

Application Example of the Content Management Method According to the Present Invention

[0051] Now, an embodiment in the case where the content management method according to the present invention is applied to a specific optical disk recording and/or reproducing apparatus will be described in detail with reference to the accompanying drawings. FIG. 6 is a block diagram depicting an example of a structure of a recording and/or reproducing apparatus to which the content management method according to the present invention is applied. FIG. 7 is a block diagram illustrating a detailed example of a decrypting scheme in the case where the scheme is applied to the recording and/or reproducing apparatus. FIG. 8 is a block diagram illustrating a detailed example of a decrypting scheme.

[0052] (Recording and/or Reproducing Apparatus)

[0053] FIG. 6 shows an optical disk recording and/or reproducing apparatus A to which the content management method according to the present invention is applied. The optical disk recording and/or reproducing apparatus A has a control portion consisting of: a system control portion 162 which governs the entire operation; a RAM 161 serving as a work area; a ROM 160; and a servo control portion 152. Further, this apparatus has an optical pickup 154 which irradiates laser beam to an optical disk D; and a signal processing portion 156 which receives a detection signal for reproduction or supplies a signal for recording, thereby carrying out ECC processing or the like. The apparatus A has a bus authenticating portion 21 described previously in FIG. 1 or the like. Further, the apparatus has a bus authenticating portion 21 provided via a cable similarly, and has a data processing portion 158 which carries out encoding or decoding and the like. In addition, a medium reader and/or writer 166 which is an interface for a recording medium such as an SD card is connected to the signal processing portion 156. An interface 165 which carries out signal input or output with a RAM 159 or an external device is connected to the data processing portion 158. Furthermore, the apparatus A has: servo control system processor circuits 155 connected to the above described servo control portion 152; an actuator driver 153 connected thereto; and a disk motor 151.

[0054] In the optical disk unit A having such a configuration, the system control portion 162 uses the RAM 161 as a work area, and carries out predetermined operation in accordance with a program including the present invention, the program being recorded in the ROM 160. The laser beam outputted from the optical pickup 154 is irradiated on an optical disk D. The reflection light from the optical disk D is converted into an electrical signal by means of a head amplifier. This electrical signal is inputted to the signal processing portion 156. An RF amplifier or the like is included in the signal processing portion 156.

[0055] During recording operation, the encrypting process described in detail with reference to FIG. 1 is applied to content data, and a recording process is carried out for the optical disk D. In more detail, the data processing portion 158 assigns an error detecting code (EDC) or ID to content data sent via the interface 165 by using a write clock produced via a write channel circuit (not shown), and applies data scramble processing using the above described encoding. Further, this data processing portion assigns an error correcting code (ECC), assigns a synchronizing signal, modulates a signal other than the synchronizing signal, and records a signal in the optical disk D by using the laser beam controlled by write strategy optimal to a compatible medium.

[0056] During reproducing operation, the decoding process described in detail with reference to FIG. 2 and FIG. 3 is applied to content data, and reproduction processing of the content data stored in the optical disk D is carried out. In more detail, the RF signal read out from the head amplifier of the optical pickup 154 is sent to a PLL circuit (not shown) in the signal processing portion 156 through an optimal equalizer. Channel data is read out by a read clock produced by a PLL circuit. The decrypting process using the above described decrypting is applied to the read data. Further, the decrypted data is synchronized by means of the data processing portion 158, and symbol data is read out. Then, a de-scramble process using error correction or the above described decrypting process is carried out, and the de-scrambled data is transferred to the outside through the interface 165.

[0057] In this manner, the recording process and reproducing process are applied by means of the above described optical disk recording and/or reproducing apparatus A.

[0058] In addition, the signal processing portion 156 and data processing portion 158 each have a bus authenticating portion 21, which provides a safeguard against a third person who extracts a signal by disconnecting a cable from both parties, and attempts to make illegal copy. That is, each bus authenticating portion 21 has a random number generator (not shown). In this manner, this generator generates the same encryption key, encrypts transmission information, and transmits it to the remote party. The remote device having received the transmission signal decrypts the encrypted transmission information by the same encryption key which has been locally generated. This encryption key is changed and generated according to a predetermined time, thus making it difficult for the third person to reproduce it. As long as the encryption key at this time cannot be reproduced, even if a signal is extracted by cable disconnection, illegal copy of content data or the like cannot be made.

[0059] (Security of Encryption Key by Modulation and/or Demodulation Process)

[0060] A security process for encryption key information having applied thereto an operation of a modulator and/or demodulator circuit carried out by the signal processor circuit 156 will be described here. At essential portions of the content management method for the recording process shown in FIG. 7, an AV encoder module M1 is identical to that shown in FIG. 1. At essential portions of the content management method for the recording process shown in FIG. 8, an AV decoder module M2 is identical to that shown in FIG. 3. A duplicate description is omitted here.

[0061] At a drive portion V3 of FIG. 7, in addition to a configuration of the drive V1 of FIG. 1, an ECC circuit or the like is shown. That is, a signal from a content scramble 14 which is main data is modulated by means of a modulator circuit 44 when an error correcting signal is assigned by means of an ECC circuit 43. Further, an encrypted security key (Enc-MM) as well is subjected to error correction encoding by means of an ECC circuit 47, and the encrypted key is modulated by means of a second modulator circuit 48. Then, the modulated key is replaced with part of the main data by means of a selector 45, and is recorded in a storage region of the optical disk D by means of a write channel circuit 46.

[0062] On one hand, at a drive portion V4 of FIG. 8, data to which an error correction code is assigned is read out from the optical disk D, and the read out data is demodulated by means of the second modulator circuit 45. Then, an encrypted security key (Enc-MM) can be extracted by means of the ECC circuit 46. On the other hand, in FIG. 7, the encrypted security key (Enc-MM) is modulated and recorded by using the second modulator 48 which is different from the modulator 44 for main data. Thus, the encrypted security key (Enc-MM) cannot be demodulated at the demodulator 42 for main data at a readout portion, and the key is processed as error data. In this manner, the third person cannot extract the encrypted security key (Enc-MM) for the purpose of illegal copy. By thus applying the modulation and/or demodulation process, security information which cannot be detected by general main data modulation processing can be produced. In addition, processing can be carried out in the same manner such that encrypted key information (Enc-MM) is substantially recorded and reproduced in a security region. In this manner, even with a passive recording medium such as an optical disk, it becomes possible to construct a high level protection system.

[0063] (Moving Flow Chart 1)

[0064] A process for moving content data briefly described previously between recording mediums will be described in detail by way of flow chart. FIG. 9 is a flow chart showing an operation for recording into a recording medium D1 the contents and key information encrypted by the content management method according to the present invention. FIG. 10 is a flow chart showing an operation in the case where contents are moved from the recording medium D1 to another recording medium D2. FIG. 11 is a flow chart showing an operation in the case where contents are moved from the recording medium D2 to another recording medium D3. FIG. 12 is a flow chart showing an operation in the case where this moving is carried out with channel down.

[0065] The content management method according to the present invention is achieved with a configuration of the signal processing portion 156 and data processing portion 158 in the optical disk recording and/or reproducing apparatus, as described above. These processes can be carried out even by means of a program or the like describing procedures for applying the content management method to detection information. Hereinafter, the content management method according to the present invention will be described in detail by way of flow chart.

[0066] In the flow chart shown in FIG. 9, a description will be given with respect to a case in which content data is copied from copy limited content data S to a recording medium D1 such as an optical disk D.

[0067] First, medium key block information (MKB) for generating key information (MK); and medium specific information (M-ID) are read out from the recording medium D1, and these items of information are transferred to an AV encoder portion M1 (S11). Then, at the AV encoder portion M1, key information (MK) is extracted from the medium key block information (MKB) by using a device specific decryption key (DvK1) 16. Then, an encryption key (MUK) for encrypting a title key is generated from the key information (MK) and the medium specific information (M-ID) (S12).

[0068] Next, a title key (TK) is generated by means of a random number generating process. Then, the content data for which copyright protection has been specified is scramble-encrypted by means of the title key (TK) (S13). Then, the title key (TK) is encrypted by means of a key (MUK) for encrypting a title key, and the encryption title key (Enc-TK) is generated (S13). Then, the encrypted contents (Enc-Contents) and encryption title key (Enc-TK) are transferred to the drive V1 via a bus authenticating portion (S14).

[0069] Here, it is determined whether or not recording contents are enabled to be moved (S15). When the determination result is affirmative, a security key (MM) is generated by means of a random number generating process. Then, the encryption title key (Enc-TK) is multiply encrypted by means of the security key (MM), and a multiply encryption title key (Enc-TK) is generated. Then, a medium key (MB-Key) for the encrypted contents (Enc-Contents) and a group of encryption title keys (Enc-TK) and a move key (Move-Key) for a group of the multiply encryption title keys (Enc2-TK) are recorded in the recording medium D1 (S16).

[0070] Further, by means of a device key (DvK2) in the drive V1, an encryption key (MMK) is detected based on medium key block information (MKB). A security key (MM) is encrypted by means of the encryption key (MMK), and an encrypted encryption key (Enc-MM) is generated (S17). Then, a signal of the encrypted encryption key (Enc-MM) is recorded in a security region (S18).

[0071] If the determination result is negative in the step S15, a medium key (MB-Key) for encrypted contents (Enc-Contents) and a group of encryption title keys (Enc-TK) is recorded in the recording medium D1 (S19).

[0072] By means of these processes, content data is encrypted, and both of the move key (Move-Key; Enc2-TK) and the medium key (MB-Key; Enc-TK) or only the medium key, which are features of the content management method according to the present invention, are/is recorded in the optical disk D1.

[0073] (Moving Flow Chart 2)

[0074] In the flow chart shown in FIG. 10, a description will be given with respect to an operation in the case where contents are moved from a recording medium D1 to another recording medium D2.

[0075] First, medium key block information (MKB) and medium specificinformation (M-ID) are read out from a move destination recording mediumD2, and an encryption key (MUK2) is generated therefrom. Next, arecording medium D1 is set, and content management information isdetected (S22). Here, it is determined whether or not the correspondingcontent medium key (MB-Key) and move key (Move-Key) are present (S23).

[0076] When it is determined that only the move key (Move-Key) ispresent in the step S23, an encryption key (MMK) is detected by usingmedium key block information (MKB) and a device key (DvK2). Then, anencrypted encryption key (Enc-MM) is decrypted, and a security key (MM)is detected. Then, a multiply encryption title key (Enc2-TK2) isdecrypted by means of a security key (MM), and an encryption title key(Enc-TK) is generated (S31).

[0077] When both of the medium key (MB-Key) and move key (Move-Key) arepresent at the step S23, the medium key block information (MKB) in therecording medium D1 and medium specific information (M-ID) aretransferred through bus authentication, and an encryption key (MUK) isdetected by means of a device specific encryption key (DvK1) (S24).Further, an encryption title key (Enc-TK) is decrypted by means of anencryption key (MUK), and a title key (TK) is generated. Furthermore,encrypted contents are read out from the recording medium D1, and theread out contents are decrypted by means of a title key (TK). Then, thedecrypted contents are re-scrambled (encrypted) by means of a title key(TK2) generated by a new random number generator, and the encryptedcontents are temporarily recorded (S25). Then, a multiply encryptiontitle key (End2-TK) which is a move key (Move-Key) of the correspondingcontents of the recording medium D1 is deleted (S26).

[0078] Then, the current recording medium is changed to a recordingmedium D2; a title key (TK2) is encrypted by means of an encryption key(MUK2); and an encryption title key (Enc-TK2) is generated (S27). Then,a new security key (MM2) in a recording drive is generated; anencryption title key (Enc-TK2) is multiply encrypted; and a multiplyencryption title key (Enc2-TK2) is generated.

[0079] Then, an encryption key (MMK) is generated by using the mediumkey block information (MKB) in the recording medium D2; and the devicekey (DvK2); a security key (MM2) is encrypted; and an encryptedencryption key (Enc-MM2) is generated (S28). Next, the encryptedcontents (Enc-Contents) encrypted by the title key (TK2) and themultiply encryption title key (Enc2-TK2) are recorded in the recordingmedium D2. Further, the encrypted encryption key (Enc-MM2) is recordedin a security region (S29).

[0080] In addition, when no move key (Move-Key) is present in the stepS23, moving is disabled (S30).

[0081] In this manner, the move key (Move-Key) is deleted from the movesource recording medium D1, and only the medium key (MB-Key) isobtained. Then, moving of content data is disabled. As a result,reproduction can be carried out by means of a reproducing apparatuswhich is a conventional general-purpose machine, but moving of thecontent data is disabled. On the other hand, only the move key(Move-Key) is present in the move destination recording medium D2.Reproduction and further moving are enabled with only a dedicatedmachine capable of implementing the content management method accordingto the present invention.
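The recording and moving flows above (S16 to S19 and S23 to S30), as an added example that is not code from the patent. A toy XOR keystream and a hash-based derivation stand in for the unspecified ciphers and MKB processing, the move re-scrambles under a new title key as in flow chart 2, and the device-key constants, the `Medium` class and all function names are assumptions.

```python
import hashlib
import os
from dataclasses import dataclass
from typing import Optional

DVK1 = b"constructed-device-key-1"   # assumed: held by encoder modules and ordinary players
DVK2 = b"constructed-device-key-2"   # assumed: held only by drives implementing the scheme


def kdf(*parts: bytes) -> bytes:
    """Stand-in for deriving MUK/MMK from MKB, M-ID and a device key."""
    return hashlib.sha256(b"|".join(parts)).digest()


def crypt(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (XOR with a SHA-256 counter keystream); the same call decrypts."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


@dataclass
class Medium:
    mkb: bytes
    m_id: bytes
    enc_contents: bytes = b""
    mb_key: Optional[bytes] = None           # Enc-TK, usable by any player
    move_key: Optional[bytes] = None         # Enc2-TK, usable only with MM
    security_region: Optional[bytes] = None  # Enc-MM

    def muk(self) -> bytes:
        return kdf(b"MUK", self.mkb, self.m_id, DVK1)

    def mmk(self) -> bytes:
        return kdf(b"MMK", self.mkb, DVK2)


def write_keys(m: Medium, tk: bytes, with_mb_key: bool, with_move_key: bool) -> None:
    enc_tk = crypt(m.muk(), tk)
    m.mb_key = enc_tk if with_mb_key else None
    m.move_key = m.security_region = None
    if with_move_key:
        mm = os.urandom(32)                     # security key, generated in the drive
        m.move_key = crypt(mm, enc_tk)          # Enc2-TK
        m.security_region = crypt(m.mmk(), mm)  # Enc-MM


def record(m: Medium, content: bytes, movable: bool) -> None:
    tk = os.urandom(32)
    m.enc_contents = crypt(tk, content)
    write_keys(m, tk, with_mb_key=True, with_move_key=movable)   # S16 or S19


def title_key(m: Medium, dedicated: bool) -> Optional[bytes]:
    """Recover TK from whichever key file this device can use; None if it cannot."""
    if m.mb_key is not None:
        return crypt(m.muk(), m.mb_key)
    if dedicated and m.move_key is not None and m.security_region is not None:
        mm = crypt(m.mmk(), m.security_region)
        return crypt(m.muk(), crypt(mm, m.move_key))
    return None


def play(m: Medium, dedicated: bool) -> Optional[bytes]:
    tk = title_key(m, dedicated)
    return None if tk is None else crypt(tk, m.enc_contents)


def move(src: Medium, dst: Medium) -> bool:
    if src.move_key is None:            # S23 -> S30: no Move-Key, moving is disabled
        return False
    content = play(src, dedicated=True)
    src.move_key = None                 # S26: the source loses its Move-Key
    dst_tk = os.urandom(32)             # re-scramble under a new title key
    dst.enc_contents = crypt(dst_tk, content)
    write_keys(dst, dst_tk, with_mb_key=False, with_move_key=True)   # S27 to S29
    return True
```
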

[0082] (Moving Flow Chart 3)

[0083] In the flow chart shown in FIG. 11, a description will be given with respect to an operation in the case where contents are moved from the recording medium D2 to another recording medium D3.

[0084] First, medium key block information (MKB) and medium specific information (M-ID) are read out from the move destination recording medium D3, and an encryption key (MUK2) is generated (S21).

[0085] Next, the recording medium D2 is set, and content management information is detected (S22). Then, it is determined whether or not the corresponding content medium key (MB-Key) and move key (Move-Key) are present (S23).

[0086] When no move key (Move-Key) is present, moving content data is disabled (S30).

[0087] When it is determined that only the move key (Move-Key) is present, an encryption key (MMK) is extracted by using medium key block information (MKB) and a device key (DvK2). Then, an encrypted encryption key (Enc-MM) is decrypted, and a security key (MM) is detected. Then, a multiply encryption title key (Enc2-TK2) is decrypted by means of a security key (MM), and an encryption title key (Enc-TK2) is generated (S31).

[0088] When it is determined that the medium key (MB-Key) and move key (Move-Key) are present in the step S23, the medium key block information in the recording medium D2 and the medium specific information (M-ID) are transferred through bus authentication. Then, an encryption key (MUK2) for a title key is detected by means of a device specific decryption key (DvK1) (S42). Next, an encryption title key (Enc-TK) is decrypted by means of a decryption key (MUK2) for a title key, and a title key (TK2) is detected. Then, encrypted contents (EC-Contents) are read out from the recording medium D2, and the read out contents are temporarily stored (S43). Then, a multiply encryption title key (Enc2-TK2) which is a move key (Move-Key) for the corresponding contents of the recording medium D2 is deleted (S26).

[0089] Next, the current recording medium is changed to a recording medium D3; a title key (TK2) is encrypted by means of an encryption key (MUK2); and an encryption title key (Enc-TK3) is generated (S27). Next, a new security key (MM3) in the recording drive is generated; an encryption title key (Enc-TK3) is multiply encrypted; and a multiply encryption title key (Enc2-TK3) is generated. Then, an encryption key (MMK) is generated by using the medium key block information (MKB) in the recording medium D3 and the device key (DvK2); a security key (MM3) is encrypted; and an encrypted encryption key (Enc-MM3) is generated (S28). Then, the encrypted contents (Enc-Contents) encrypted by the title key (TK2) and the multiply encryption title key (Enc2-TK3) are recorded in the recording medium D3, and the encrypted encryption key (Enc-MM3) is recorded in the security region (S29). The encryption title key (Enc-TK3) in the flow chart 3 of FIG. 11 includes many of the steps common to the flow chart 2 of FIG. 10, but is different therefrom in that, in the steps S42 and S43, the title key (TK2) is encrypted by means of the encryption key (MUK2), and the encryption title key (Enc-TK3) is generated.

[0090] In this manner, in the move source recording medium D2, the move key (Move-Key) is deleted, thus making it impossible to move or reproduce content data. On the other hand, in the move destination recording medium D3, only the move key (Move-Key) is obtained, thus enabling reproduction and further moving by only the dedicated machine capable of implementing the content management method according to the present invention.

[0091] In addition, a recording medium targeted by the content management method according to the present invention is not limited to an optical disk, and can include a general digital recording medium such as an SD (Secure Digital) card D4 or the like, as shown in FIG. 5.

[0092] (Moving Flow Chart 4)

[0093] Further, in a process for moving content data shown in the flow chart of FIG. 11, a description will be given with respect to a case in which multi-channel audio source data (5.1 channels) is processed by reducing the channel down to 2 channels. These processes are basically identical to those shown in the flow chart of FIG. 11. The step S42 and step S43 in the flow chart of FIG. 11 are carried out by means of a process substituted for the step S44.

[0094] That is, in the step S44 of the flow chart of FIG. 12, an encryption title key (Enc-TK) is decrypted by means of an encryption key (MUK2), and a title key (TK2) is generated. Then, encrypted contents (Enc-Contents) are read out from the recording medium D2, and the read out contents are decrypted by means of a title key (TK2). Further, multi-channel audio source data is reduced down to 2 channels; the data is scrambled (encrypted) again by means of a title key (TK3) generated by a random number generator, and the encrypted data is temporarily recorded (S44).

[0095] In such a process, while audio source data (5.1 channels) is reduced down to 2 channels, content data can be moved from the recording medium D2 to a new recording medium D3. Its advantageous effect is identical to the moving process in the flow chart of FIG. 11.

[0096] (Method for Increasing Key Information and Key for Each Music Item File)

[0097] Furthermore, content data targeted by the content management method according to the present invention can take a form of a plurality of voice files as music information on a plurality of music items, for example. A plurality of information may be stored in a visual image file or an image file, for example. Here, a description will be given by way of example of voice file. In this form, different title keys (TK) supplied by a random number generator 18 shown in FIG. 1 are provided on a file by file basis, and each of these keys is encrypted, thereby enabling move to another recording medium for each music item of music information. In this manner, the degree of freedom for user's content utilization can be improved very remarkably.

[0098] However, if move keys (move-Key=Enc2-TK) are generated to be associated with a plurality of title keys (TK) on a one by one basis, there occurs a need to provide security keys (MM) in the drive portion V1 by the number of a plurality of music files. However, if the security keys (MM) are provided by the number of music items, and then, all of these keys are stored in a security region of an optical disk D, it is not preferable since the security region requires a large storage capacity, causing an increase in storage capacity. In particular, in a security information recording system using the above modulation and/or demodulation process, while part of the main data is damaged, and security information is recorded. This situation is not preferable in reproduction processing of the main data, and thus, it is desirable to reduce security information to the minimum.

[0099] Because of this, a plurality of keys are increased in accordance with predetermined procedures based on a security key (MM); the increased keys are used for encryption; and only the security key (MM) which is a source of increase is stored in the security region, thereby making it possible to manage a plurality of files, while reducing the storage capacity of the security region.

[0100] FIG. 13 is a view showing a scheme for generating a security key (MM) in the content management method according to the present invention. In this figure, in the random number generator 24 or the like of FIG. 1, a security key (MM1) is generated based on key source data (MM) generated from a random number G61, and then, a specific function K is multiplied by a content data identification code or the number determined by order numbers or the like, whereby new security keys (MM2 to MMn) are generated. By using a plurality of these security keys (MM2 to MMn), a plurality of encryption title keys (Enc-TK1 to Enc-TKn) 63-1 to n are subjected to encryption 64.

[0101] However, only the encrypted encryption key (Enc-MM) having key source data (MM) encrypted therein may be stored in the security region, and thus, the required storage capacity of the security region is not increased. Therefore, it becomes possible to manage contents of a number of plural files while maintaining high security.
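The per-file security keys of FIG. 13, as an added example that is not code from the patent: one key source MM yields a security key per content ID, every Enc-TK is wrapped under its own derived key, and the security region still holds a single Enc-MM. HMAC-SHA256 is an assumed stand-in for the unspecified function K, the XOR key wrap is a toy, and all function names are hypothetical.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple


def derive_security_key(key_source: bytes, content_id: int) -> bytes:
    """MMi derived from key source data MM and a content ID (HMAC stands in for function K)."""
    label = b"track-" + content_id.to_bytes(4, "big")
    return hmac.new(key_source, label, hashlib.sha256).digest()


def wrap(kek: bytes, key: bytes) -> bytes:
    """Toy wrap for 32-byte keys (XOR with a hash of the wrapping key); the same call unwraps."""
    pad = hashlib.sha256(b"wrap" + kek).digest()
    return bytes(a ^ b for a, b in zip(key, pad))


def record_files(enc_title_keys: Dict[int, bytes], mmk: bytes) -> Tuple[Dict[int, bytes], bytes]:
    """Build the Move-Key table (Enc2-TK per content ID) and the security region contents."""
    key_source = os.urandom(32)                    # MM, generated once in the drive
    move_keys = {
        cid: wrap(derive_security_key(key_source, cid), enc_tk)
        for cid, enc_tk in enc_title_keys.items()
    }
    security_region = wrap(mmk, key_source)        # only Enc-MM is stored, whatever n is
    return move_keys, security_region


def recover_enc_tk(move_keys: Dict[int, bytes], security_region: bytes,
                   mmk: bytes, content_id: int) -> Optional[bytes]:
    """Unwrap one file's Enc-TK; None when that file's Move-Key entry has been deleted."""
    if content_id not in move_keys:
        return None
    key_source = wrap(mmk, security_region)        # decrypt Enc-MM with MMK
    return wrap(derive_security_key(key_source, content_id), move_keys[content_id])
```

Because HMAC is one-way, a single derived key does not reveal the key source or the keys of the other files; the patent does not state whether its function K has this property.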

[0102] (Management Information)

[0103] In the content management method according to the present invention, reproduction or moving of content data is managed by means of a move key (Move-Key) and a medium key (MB-key). Thus, these encryption key files are especially important data as is the case with encrypted contents. That is, if an encrypted encryption key cannot be decrypted, the encrypted contents cannot be decrypted or reproduced, either. Because of this, as shown in FIG. 14, in a data area of a recording medium (for example, an optical disk), a move key (Move-Key) file and a medium key (MB-Key) file are provided in different file regions. Then, one table is allocated in each ECC block, and each table is written in quadruple in 4 ECC blocks, thereby improving data reliability.

[0104] A table of these files is shown in FIG. 15. That is, in a recording medium, there exist three types of keys, “a medium key (MB-Key) and a move key (Move-Key)”, “only a medium key (MB-Key)”, and “only a move key (Move-key)”. In addition, in the case where a large number of content files exist, it is required to easily read out a relationship between the medium key (MB-Key) and move key (Move-Key) relevant to a respective one of the content encryption keys from individual management. Because of this, in the move key (Move-Key) table and the medium key (MB-Key) table shown in FIG. 15, these tables are configured by providing a pair of information, i.e., information indicating the presence or absence of an encryption key associated with a respective one of the encrypted encryption keys and information utilized in the case where the method for generating the security key (MM) shown in FIG. 13 is employed. By listing these tables, it becomes possible to easily determine whether moving contents is enabled with respect to the respective content data.

[0105] By a variety of embodiments described above, one skilled in the art can achieve the present invention. Further, a variety of modifications of these embodiments can be easily conceived by one skilled in the art, and can be applied to a variety of embodiments even if one skilled in the art does not have inventive ability. Therefore, the present invention covers a broad range which is not contradictory to the disclosed principle and novel features, and is not limited to the above described embodiments.

[0106] For example, with respect to a security region in which a security key is to be stored, when the above described modulation and/or demodulation process is used, a region for recording and/or reproducing security information may be associated with a recording and/or reproducing area other than main data. By employing such a method, the main data does not include an error component, and thus, the reliability of content data is not lost.

[0107] As has been described in detail, according to the present invention, the move key (Move-key: Enc2-TK) for assuring movement of content data and the medium key (MB-Key: Enc-TK) for assuring reproduction by a reproducing apparatus which is a conventional general-purpose machine (such as an optical disk, for example) are recorded in a recording medium together with encrypted content data. In the recording and/or reproducing apparatus according to the present invention capable of decrypting a security key stored in a security region, reproduction or moving by the move key (Move-Key) is enabled. In the reproducing apparatus which is the conventional general-purpose machine, reproduction by the medium key (MB-Key) is assured. In this manner, a moving process by a dedicated machine is enabled while the spread of content data is prevented. In addition, reproduction of content data by the conventional machine is enabled.

What is claimed is:
 1. A content management method, comprising: encrypting content data by a first key; encrypting the first key by predetermined plural types of second keys; multiply encrypting the encrypted first key by a third key; encrypting the third key by a predetermined fourth key; and recording in a recording medium content data encrypted by the first key, the first key encrypted by the predetermined plural types of second keys, and the first key obtained by multiply encrypting the encrypted first key by the second and third keys, and recording the third key encrypted by the fourth key in a security region of the recording medium.
 2. A content management method according to claim 1, wherein the first key is provided in plurality, the content data is provided in plurality, each of which is encrypted separately, and the encrypted first key is generated in plurality.
 3. A content management method according to claim 1, wherein the third key is provided in plurality according to the number of the plurality of first keys provided according to the number of the plurality of content data, and the plurality of encrypted first keys are recorded to be multiply encrypted individually by a plurality of third keys.
 4. A content management method according to claim 1, wherein a recording medium having recorded therein the encrypted content data, the first key encrypted by the second key, and the first key multiply encoded by the second and third keys is identical to a recording medium in which there exists a security region in which the third key encrypted by the fourth key is recorded.
 5. A content management method according to claim 1, wherein one of the second keys is specific information of the recording medium.
 6. A content management method according to claim 1, wherein the content management method is implemented in a recording apparatus having an encoder module and a drive communicated therewith via an authentication process, and the third key is a key generated only in the drive.
 7. A content management method according to claim 1, wherein the first key encrypted by the second key and the first key multiply encoded by the second and third keys are recorded in a different recording area of the recording medium.
 8. A content management method according to claim 1, wherein, in the case where content data is moved from the first recording medium to a second recording medium, the content data is re-encrypted after being decrypted, the encrypted content data and only the encryption key for controlling movement of content are recorded in the second recording medium, and an encryption key for control movement of contents recorded in the first recording medium is deleted.
 9. A content management method according to claim 8, wherein, in the case where content data is moved to a third recording medium from the second recording medium having recorded therein only the encryption key for controlling movement of contents, the content data is re-encrypted after being decrypted, the encrypted content data and the encryption key for controlling movement of contents are recorded in the third recording medium, and the encryption key for controlling movement of contents of the second recording medium is deleted, thereby carrying out processing for moving contents between the recording mediums.
 10. A content management method according to claim 1, further comprising: generating key source data by a specific random number generator; multiplying a specific function based on information for specifying the plurality of content data to generate a plurality of third keys; recording the plurality of third keys as the multiply encrypted key of a plurality of encrypted first keys, with a plurality of encrypted content data and a multiply encrypted first key in a recording medium; and encrypting the key source data generated by the random number generator by means of a predetermined encryption key, and then, recording the encrypted data in a security region of the recording medium.
 11. A content management method according to claim 1, further comprising: in the case where the first key encrypted by the second key and the first key multiply encoded by the second and third keys each are recorded as independent file data in an independent recording area, providing an encrypted encryption key file having identification information indicating whether file key data is the first key encrypted by the second key or the first key multiply encoded by the second and third keys at the beginning of the key file of the storage area or at a predetermined position and identification information indicating whether a respective counterpart key file exists or not.
 12. A content management method according to claim 11, wherein the encrypted encryption key file is multiply written a plurality of times.
 13. A content management method according to claim 1, further comprising: in a reproduction process of the first recording medium and a second recording medium having recorded therein a security region the encrypted content data, the first key multiply encoded by the second and third keys, and the third key encrypted by the fourth key, in the first recording medium, reading out the first key encrypted by the second key, decrypting the first key encrypted by predetermined plural types of second keys, reading out the encrypted content data, and decrypting content data by the decrypted first key, thereby carrying out reproduction, and in the second recording medium, reading out the third key encrypted from the security region, decrypting the third key encrypted by predetermined plural types of fourth keys, reading out the second key multiply encoded by the second and third keys to detect the first key decrypted by the third key and encrypted by the second key, decrypting the first key encrypted by the predetermined plural types of second keys, and decrypting the encrypted content data by the decrypted first key, thereby carrying out reproduction.
 14. A recording apparatus comprising: an encrypting portion which encrypts assigned content data by a first key, encrypts the first key by predetermined plural types of second keys, multiply encrypts the encrypted first key by a third key, and encrypts the third key by a predetermined fourth key; and recording portions which records in a first recording medium the content data encrypted at the encrypting portion, the first key encrypted by the second key, and the first key multiply encoded by the second and third keys, and records the third key encrypted by the fourth key in a security region.
 15. A recording apparatus according to claim 14, further comprising: processing portions which, in the case where content data is moved from the first recording medium to a second recording medium, encrypts the content data after being decrypted, records only an encrypted content data and an encryption key for controlling movement of contents in the second recording medium, and deletes the encryption key for controlling movement of contents recorded in the first recording medium, and; in the case where content data is moved to a third recording medium from a recording medium having recorded therein only the encryption key for controlling movement of contents as in the second recording medium, re-encrypts content data after being decrypted, recording the encrypted content data and the encryption key for controlling movement of contents in the third recording medium, and deletes the encryption key for controlling movement of contents of the second recording medium which is a source medium, thereby carrying out processing for moving content data between the recording mediums.
 16. A recording apparatus according to claim 14, further comprising: processing portions which encrypts a plurality of content data individually by a plurality of first keys, encrypts the plurality of first keys by predetermined plural types of second keys, and in the case where the processing portion encrypts the encrypted first keys by a plurality of third encryption keys, which generates key source data by a specific random number generator, and which multiplies a specific function based on information for specifying the plurality of content data to generate a plurality of third keys, and the processing portions records the plurality of third keys as a plurality of encrypted first keys, records in a recording medium, with a plurality of encrypted content data and multiply encrypted first key, and the processing encrypts the key source data generated by the random number generator by a predetermined encryption key, and records the encrypted data in a security region of the recording medium.
 17. A recording apparatus according to claim 14, further comprising: processing portions which, in the case where the first key encrypted by the second key and the first key multiply encoded by the second and third keys are recorded as independent file data, respectively, in an independent recording area of the first recording medium, records an encrypted encryption key file having identification information indicating whether file key data is the first key encrypted by the second key or the first key multiply encoded by the second and third keys at the beginning of the key file or at a predetermined position and identification information indicating whether a respective one of the counterpart keys file exists.
 18. A recording medium having stored the following in a storage region of a first recording medium: content data encrypted by a first key; a first key encrypted by encrypting the first key by predetermined plural types of second keys; a first key obtained by multiply encrypting the encrypted first key by a third key; and a third key obtained by encrypting the third key by a predetermined fourth key.
 19. A recording medium according to claim 18, further comprising, second and third recording mediums which is different from the first recording medium and have recorded therein the content data encrypted by the first key and the encryption key for controlling movement of contents obtained by multiply encrypting the first key.
 20. A recording medium according to claim 18, wherein the first recording medium generates key source data by a specific random number generator; and multiplies a specific function by an identification code of content data or the number determined by order numbers or the like, thereby generating the plurality of third keys; and wherein these keys are employed as a multiply encrypted key of a plurality of the encrypted first keys, a plurality of encrypted content data and multiply encrypted first key are recorded, and further, the key source data generated by the random number generator is encrypted by a predetermined encryption key, and is recorded in a security region.